Secure TCP/IP connections for MCU-based embedded systems

July 14, 2016 // By Graham Prophet
Segger’s Secure Shell software product is targeted at microcontroller-based systems; the emSSH software library is an advanced package intended for creating secure connections between a client and a server, typically over a TCP/IP connection.

Secure shell (SSH) is a requirement for the transfer of commands and data via a secure and encrypted connection. emSSH includes all modules which are required for implementing SSH cryptographic networks. These are provided as source code, in order to allow complete control of the code being employed. emSSH also delivers full transparency, thereby eliminating concerns about possible back doors or potential code weakness - neither of which can be checked via conventional pre-compiled libraries. Key applications include secure remote controls, such as process monitors and their related sensors/actuators.

 

Segger (Hilden, Germany) designed emSSH and its underlying crypto engine from the ground up for incorporation into embedded systems. The crypto engine is flexible and can make use of hardware acceleration (if available), giving developers the capabilities needed for optimizing performance and throughput to a high degree. It comes with a simple, yet powerful application program interface (API) for greater user convenience.

 

emSSH is both hardware and transport independent. It integrates seamlessly with Segger’s embOS/IP, as well as third party stacks, through the standard socket interface. Although SSH is usually associated with secure connections to a server using TCP/IP, an SSH session can secure any bidirectional channel, for instance a serial line or wireless link.

 

The emSSH library can be configured to fit any speed or size requirements. This means that user performance can be maximized while utilizing minimal memory footprint. Unused features can be excluded and additional features can easily be added. The complete software package is written in ANSI C and is both compiler and target independent.

 

Segger; www.segger.com/emssh.html